A risk analysis is the search for hazards and the estimation of the probabilities and severities of any resulting harm.
When the term risk analysis is used, it often refers to a hazard analysis.
To identify the risks, medical device manufacturers must fulfill the following requirements:
The general page on risk management and ISO 14971 provides an overview of all activities in the risk management process and the legal requirements.
ISO 80001-1 is also relevant for hospitals.
The objective of risk analysis obviously is to identify risks.
The first step is to search for hazards based on the intended purpose, the safety-relevant characteristics of the device, and, if applicable, its design.
The hazard analysis procedures are recommended for this purpose:
Risks are combinations of the probability of occurrence and the severity of harm. Both must, therefore, be assessed in this step.
Based on risk acceptance, manufacturers decide on the acceptability of individual risks and, later on, the acceptability of all (residual) risks.
Strictly speaking, this step no longer counts as risk analysis.
Our tips on risk analysis for software have become so extensive that we have dedicated a separate article to them.
One hazard can lead to several risks, as the following example shows.
If a hospital information system has incorrectly saved a laboratory value as negative instead of positive and the doctor, therefore, administers the wrong medication, a patient may come to harm. The patient may die or “only” suffer from nausea.
Depending on your definition of the harm classes, the first harm (death) could be defined as catastrophic, and the second (nausea) as minor. However, both harms have a different probability.
ISO 14971 requires that the personnel responsible for risk management have the necessary qualifications.
As soon as the risk are identified and assessed, these risks must be mitigated as described in this article.
Medical device manufacturers must determine the severity of possible harm to assess the risks posed by their devices. What sounds simple is very challenging in practice. This article assists in determining and documenting the severity of harm in accordance with ISO 14971. 1. Basics a) Definition ISO 14971, the standard for risk management of medical…
DetailsISO 14971 defines the terms “hazard” and “hazardous situation.” Nevertheless, medical device manufacturers often find it difficult to assign concrete cases to either of the two categories. This article provides help. 1. Definition of hazard and hazardous situation The ISO 14971 defines: The standard provides examples of hazards (see Fig. 1): The example of “information”…
DetailsOutsourcing risk management to service providers. Wouldn’t that be convenient? But is that allowed? And how much sense does it make anyway? Conversely, what should you as a service provider not be burdened with under any circumstances? This article provides the answers. It suggests how manufacturers and service providers can divide their activities and gives…
DetailsFMEA, or Failure Mode and Effect Analysis, is a procedure for investigating the unknown effects of known causes. In the case of medical devices, for example, FMEA is used in risk analysis to analyze the consequences of a faulty component, in particular, the resulting hazards. 1. How to use the FMEA a) During development Use…
DetailsIEC 80001-1 has the long title “Application of risk management for IT-networks containing medical devices – Part 1: Tasks, responsibilities and activities“. This article reveals what the standard requires and why manufacturers should also consider it. 1. About DIN EN IEC 80001-1 a) Objectives of DIN EN IEC 80001-1 The standard aims to help minimize…
DetailsLaws and standards formulate requirements on how medical device manufacturers must define and document the development process. Notified bodies check these requirements during audits. This article on the development process provides tips on how to design the process and how to align it with other processes, such as the risk management process. 1. Development process:…
DetailsThis article identifies the seven most common risk management errors that Johner Institute and its auditors encounter most often. It also offers advice on how to avoid these errors. Risk management is among the most important requirements medical device manufacturers must meet. Therefore, it is important that they avoid risk management errors. 1st error class:…
DetailsMedical devices must comply with the legal requirements for functional safety. Unfortunately, the relevant standards and laws for medical devices do not define or use the term “functional safety.” This article provides clarity. 1. Functional safety: The background a) Who has to deal with it? The following roles must understand the concepts of functional safety:…
DetailsThe probability of software defects is difficult to estimate. It’s so difficult that the “old” DIN EN IEC 62304:2006 wrote: “However, there is no agreement on how to determine the probability of the occurrence of software failures using traditional statistical methods.” The standard concluded that “the probability of such a malfunction must be assumed to…
DetailsThe third edition of ISO 14971 has been available since December 2019. This new version of ISO 14971 was published as ISO 14971:2019. It is an evolutionary development of ISO 14971:2007 and does not break with previous concepts. Manufacturers should familiarize themselves with the new and amended requirements of this standard. In December 2019, the…
Details
Privacy Preference
We need your consent before you can continue on our website. If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission. We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience. Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement. You can find more information about the use of your data in our privacy policy. You can revoke or adjust your selection at any time under Settings.
Privacy Preference
If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission. We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience. Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement. You can find more information about the use of your data in our privacy policy. Here you will find an overview of all cookies used. You can give your consent to whole categories or display further information and select certain cookies.